ALA Washington Office overview of privacy issues relating to libraries and librarians

Privacy


Last Update: August 30, 2007


Introduction

What people read, research or access remains a fundamental matter of privacy. One should be able to access all constitutionally protected information and at the same time feel secure that what one reads, researches or finds through our Nation's libraries is no one's business but their own.

There are many privacy bills that have been introduced into recent Congresses relating to business, health, student and other records. The expansion of e-government, e-commerce, and other forms of electronic transactions, including library services, raises serious questions for the library community in protecting individual privacy, especially the privacy and confidentiality of library patron records.

"The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated." -- Fourth Amendment of the U.S. Constitution


Privacy-Related Legislation


Foreign Intelligence Surveillance Act (FISA)

What follows is an excerpt from a Congressional Research Service report on FISA:

The Foreign Intelligence Surveillance Act of 1978, P.L. 95-511, 92 Stat. 1783 (October 25, 1978), 50 U.S.C. §§ 1801 et seq. (hereinafter FISA), was enacted in response both to the Committee to Study Government Operations with Respect to Intelligence Activities (otherwise known as the Church Committee) revelations regarding past abuses of electronic surveillance for national security purposes and to the somewhat uncertain state of the law on the subject. While FISA now provides a statutory framework for gathering foreign intelligence information through the use of electronic surveillance, physical searches, and pen registers or trap and trace devices, and access to business records and other tangible things, the 1978 Act dealt only with electronic surveillance. The provisions passed almost 30 years ago became Title I of FISA. As originally enacted, the measure provided a statutory framework for collection of foreign intelligence information through the use of electronic surveillance of communications of foreign powers or agents of foreign powers, as those terms were defined in the act. The act has been amended repeatedly in the intervening years in an effort to address changing circumstances. Then, as now, the Congress sought to strike a balance between national security interests and civil liberties.

For recent developments in FISA, please visit the District Dispatch.


REAL ID Act

Background


General Criticisms

The legislation was poorly conceived, enacted with minimal debate, and is generally considered unworkable, expensive, and unfair. In addition, it creates new security and identity theft risks and raises civil liberties concerns, especially regarding privacy. The Act requires the collection of large amounts of personal data but lacks adequate privacy safeguards; it turns DMV employees into immigration officials; it costs more than 100 times what Congress initially estimated; and instead of increasing security, it actually creates a greater security risk.


REAL ID Act of 2005, Section 202, February 2005

The Real ID Act of 2005 (H.R. 418) would, in Section 202, tighten driver's license and identity card requirements for immigrants. The bill is reportedly headed for the House floor on a fast track. The measure is likely to reach the House floor the week of Feb. 7.

The legislation would require people applying for, or seeking renewal of, state-issued driver's licenses and ID cards to prove their "lawful presence" in the United States. The legislation is similar in many respects to language that is included in the Intelligence Reform and Terrorism Prevention Act of 2004 (P.L. 108-458) that passed late last year. It differs by adding back in the language concerning immigrants that was struck from that bill.

The ALA has expressed concern about the move to standardized machine-readable driver's licenses and personal identification cards because of the potential privacy implications for library users.

Driver's licenses are commonly used by the public as a means of identification for obtaining a library card, and driver's license numbers have been entered into users' registration records, which could potentially make it possible to search library use by individual. Additionally, some states have prohibited public bodies from accepting non-U.S. identification cards for receipt of public services, including library services.

At least 10 states currently issue ID cards to people in the country illegally. Under Sensenbrenner's bill, licenses from those states could not easily be used as identification for federal purposes, such as at airports. License holders might be asked for further proof of their lawful presence before their state-issued identification would be accepted by federal officials.


Further Reading



Data Mining

On May 5, 2004, the Data-Mining Reporting Act of 2004 (HR 4290) was introduced by Reps. Jim McDermott (D-WA) and William Lacy Clay (D-MO). It would require the head of each department or agency of the Federal Government that is engaged in any activity to use or develop data mining technology to submit a public report to Congress on all such activities of the department or agency.

On December 12, 2003, the DOD Inspector General released the results of an audit of TIA conducted as a result of Congressional inquiries. The audit concluded that "[a]lthough the DARPA development of TIA-type technologies could prove valuable in combating terrorism," DARPA failed to perform any form of privacy impact assessment, did not involve appropriate privacy and legal experts, and "focused on development of new technology rather than on the policies, procedures, and legal implications associated with the operational use of technology." The report acknowledged that DARPA was sponsoring "research of privacy safeguards and options that would balance security and privacy issues," but found that such measures "were not as comprehensive as a privacy impact assessment would have been in scrutinizing TIA technology."

The final report of the Technology and Privacy Advisory Committee (TAPAC) for the Department of Defense was released on May 24, 2004. The TAPAC was created in February 2003 to examine the Terrorism Information Awareness (TIA) program and to develop safeguards "to ensure that the application of this or any like technology developed with DOD is carried out in accordance with U.S. law and American values related to privacy." While calling data mining "a vital tool in the fight against terrorism," the report concludes that the TIA and similar government programs need safeguards to adequately protect U.S. citizens' privacy interests and civil liberties, and to prevent data mining from becoming "the 21st-century equivalent of general searches, which the authors of the Bill of Rights were so concerned to protect against." The report contains detailed recommendations "intended to help the Secretary of Defense establish the clear rules and policy guidance, educational and technological tools, and appropriate managerial oversight and advisory resources necessary to guide DOD's use of data mining to protect national security without compromising the privacy of U.S. persons."

For an excellent detailed overview of government mining of commercial data and privacy issues, click here (PDF).